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Amendments to the Claims : 

This listing of claims will replace all prior versions, and listings, of claims in 
the application: 

1. (currently amended) A method for protecting publicly accessible 
network computer services from undesirable network traffic in real-time, the method 
comprising: 

receiving network traffic including a stream of service requests destined for the 
publicly accessible network computer services; 

generating request statistics based on the stream of service requests; 

analyzing the network traffic request statistics to identify an undesirable user 
of the services; and 

limiting or removing access of the identified undesirable user to the services to 
protect the services. 

2. (original) The method as claimed in claim 1 wherein the undesirable 
network traffic includes denial of service attacks. 

3. (original) The method as claimed in claim 1 wherein the network is the 

Internet. 

4. (currently amended) The method as claimed in claim 1 further 
comprising generating one or more user profiles from the request statistics network t r affic 
wherein the step of analyzing includes the step of comparing the one or more user profiles with 
a predetermined profile to determine the undesirable user. 

5 . (cancel) 

6. (currently amended) The method as claimed in claim 5 1 wherein the 
request statistics include connection statistics and service request distributions. 
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7. (original) The method as claimed in claim 6 wherein the network is the 
Internet and wherein the step of generating request statistics includes the steps of collecting and 
correlating Border Gateway Protocol (BGP) data from the Internet to obtain the service request 
distributions. 

8. (original) The method as claimed in claim 7 wherein the step of 
correlating includes the step of identifying a topologically clustered set of machines in the 
Internet based on the data and wherein the service request distributions are generated from the 
set of machines. 

9 . (currently amended) A system for protecting publicly accessible network 
computer services from undesirable network traffic in real-time, the system comprising: 

an interface for receiving network traffic including a stream of service requests 
destined for the publicly accessible network computer services; 

a forwarding engine for generating request statistics based on the stream of 
service requests: and 

a analysis engine in communication with the forwarding engine for analyzing 
the request statistics network t r affic to identify an undesirable user of the servicesranti a the 
forwarding engine in communication with the analysis engine fo r limiting or removing access 
of the identified undesirable user to the services to protect the services. 

10. (original) The system as claimed in claim 9 wherein the undesirable 
network traffic includes denial of service attacks. 

1 1 . (original) The system as claimed in claim 9 wherein the network is the 

Internet. 

12. (currently amended) The system as claimed in claim 9 wherein the 
forwarding engine generates one or more user profiles from the request statistics network 
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t r affic and wherein the analysis engine compares the one or more user profiles with a 
predetermined profile to determine the undesirable user. 

13. (cancel) 

14. (currently amended) The system as claimed in claim iS 9 wherein the 
request statistics include connection statistics and service request distributions. 

15 . (original) The system as claimed in claim 14 wherein the network is the 
Internet and wherein the forwarding engine collects and correlates Border Gateway Protocol 
(BGP) data from the Internet to obtain the service request distributions. 

16. (original) The system as claimed in claim 15 wherein the forwarding 
engine identifies a topologically clustered set of machines in the Internet based on the data and 
wherein the service request distributions are generated from the set of machines. 



